The Encryption Everywhere Program powered by DigiCert is a turn-key partnership program that enables you to bring security solutions to small business owners, some of whom, right now, have nothing in place and have no idea how dangerous that is.

PartnerLink is a comprehensive online tool, exclusively for Symantec Website Security partners. Now, existing partners have one location to access everything they need to sell, manage and support their Symantec Website Security solutions.

SECURITY TOPICS

How Does SSL/TLS Work?
What Is An SSL/TLS Handshake?

SSL/TLS are protocols used for encrypting information between two points, usually a server and a client, although there are times when server-to-server and client-to-client encryption are needed. This article will focus only on the negotiation between server and client.

For SSL/TLS negotiation to take place, the system administrator must prepare a minimum of two files: the Private Key and the Certificate. When requesting a certificate from a Certificate Authority such as Symantec Trust Services, an additional file must be created. This file is called the Certificate Signing Request and is generated from the Private Key. The process for generating the files depends on the software that will be using them for encryption. For a list of the server software Symantec has, look at: Symantec CSR Generation.

Note that although certificates requested from Certificate Authorities such as Symantec are inherently trusted by most clients, additional certificates called Intermediate Certificate Authority Certificates and Certificate Authority Root Certificates may need to be installed on the server. This is again server software dependent. There is usually no need to install the Intermediate and Root CA files on the client applications or browsers.

Once the files are ready and correctly installed, start the SSL/TLS negotiation by using the secured protocol. In browser applications this is usually an address such as https://www.symantec.com. That is just a sample address; remember to use your own secured website address.

Why Symantec SSL/TLS?

The Standard SSL Handshake

The following is a standard SSL handshake when the RSA key exchange algorithm is used:

1. Client Hello

Information that the server needs to communicate with the client using SSL. This includes the SSL version number, cipher settings, session-specific data.

2. Server Hello

Information that the server needs to communicate with the client using SSL. This includes the SSL version number, cipher settings, session-specific data.

3. Authentication and Pre-Master Secret

Client authenticates the server certificate (e.g. Common Name / Date / Issuer). Client (depending on the cipher) creates the pre-master secret for the session, encrypts it with the server's public key and sends the encrypted pre-master secret to the server.

4. Decryption and Master Secret

Server uses its private key to decrypt the pre-master secret. Both Server and Client perform steps to generate the master secret with the agreed cipher.

5. Encryption with Session Key

Both client and server exchange messages to inform each other that future messages will be encrypted.

Mention PKI or ‘Client Certificates’ to many people and it may well conjure up images of businesses busily protecting and completing their customers’ online transactions, yet such certificates are to be found throughout our daily lives, in any number of flavors: when we sign into a VPN, when we use a bank card at an ATM or a card to gain access to a building, and within the Oyster public transport smart cards used in central London.